The second revision of the Payment Services Directive, known as PSD2, is fast approaching and should be on the radar of every online business owner.

Is your website ready for new regulations? Here’s what you should do to stay assured that you’re heading down the right path.

What is PSD2?

From 14 September 2019, every online payment in Europe will have to go through strong customer authentication (SCA), which is a requirement of PSD2, European Union’s regulation. In short, the directive establishes a unified regulatory framework for all players on the payment market and makes banks to provide access to their customers’ accounts via open API.

The main PSD2 objectives are standardizing regulations for banks and payment providers, increasing payment security, reducing fraud, and fostering innovation and competition. Find out more about PSD2 in this article.

How will PSD2 impact online payments?

While a minimal requirement to stay compliant with PSD2 is having two-factor authentication, online purchases will be more secure on a number of websites that haven’t used this functionality so far. If you think about it as something that may reduce potential chargebacks (that can be costly for businesses) and a solution for fighting fraud that also helps you build customers’ trust, the benefits are obvious.

However, the strong customer authentication that comes along with PSD2 could have a negative impact on customer experience. Why? Another layer of security leads to adding complexity to the customer experience. So, merchants are concerned that this extra authentication step will affect the seamless buying process on their websites.

When PSD2 comes into effect, merchants need to have the authentication built into their checkout flow. If not, they should prepare for severe consequences, such as a massive drop in sales and conversion, transaction declines, or damage to customer experience caused by checkout friction.

A new way of payment authentication on your site

There’s no question that your main goal is to do as many as you can to reduce confusion at checkout, improve conversion, and reduce dropout.

Banks need to be ready with their systems until this September, but the main concern is whether they will be sufficiently prepared when PSD2 becomes mandatory. Also, as each of them can offer different integration, this can cause complexity in the payment process.
Today, the most common authentication method is 3D Secure and, based on the recommendation, the main method for authenticating online card payments will be 3D Secure 2.0 (3DS2). With 3DS2 customers may go through an authentication process at checkout without extra activity or verify payment without being redirected to an external page.

This is why at SecurionPay we continue to recommend that our clients keep our non-invasive 3D Secure enabled to minimize declines. It will add extra authentication to their payments without hindering conversion, and it will make merchants ready for 3DS2.

What about recurring transactions?

While recurring transactions with the same payment amount and recipient are out of SCA scope (only the first transaction will be authenticated), it can get more complex if the subscription is a varying payment amount.

Note that even though there are exemptions from the SCA that are applicable for online transactions, it’s up to the issuing bank whether to accept an exemption request or require extra authentication on a transaction. So, there are still more questions than answers.

Find a PSD2-ready payment partner

What we know for sure is that PSD2 will undoubtedly have impact on every business that sells online, so they need to react quickly to minimize the way it can affect their customer experience.

To stay compliant with PSD2 after September 14, online businesses need to ensure that a payment platform they use provides updated technology and is ready to process payments with extra authentication. So, if you choose a reliable payment provider, you won’t have to worry about new regulations.

For the record, SecurionPay is setting the standard with speed and is ready for 3DS2, so merchants who work with us are assured that they will comply with new regulations.

If you have any questions about the impact of PSD2 on the industry and how you can prepare your business to get the most out of it, I will be more than happy to answer all your questions during the forthcoming TES conference in Prague.